NHS cyber-attack: GPs and hospitals hit by ransomware

You can never completely eliminate risk. Even if you are running the latest and greatest IDS/IPS, Deep Packet Inspection/Palo Alto firewalls, email filtering, web filtering, endpoint protection etc. etc., there is always some risk, in some form. And a lot of the time that can be the human factor. Spear phishing (and whale phishing) are getting more and more advanced.

Very true - there is always some degree of risk. No matter how much kit you have or however big a barrier you build, it's all worth nothing if something on the inside turns.

However, if they had stayed on mainframe, this particular nastiness could not have happened in the way it did.
 
True, but that would require everything to be mainframe and terminals. As long as there are Windows clients there was going to be impact, and you can't do everything from a VT100 ;). Once an endpoint is compromised, whatever that endpoint has access to is potentially at risk, no matter what platform it resides on, and whatever function that endpoint was used for may be stopped from working, even if only a terminal emulator.

According to https://securelist.com/blog/inciden...sed-in-widespread-attacks-all-over-the-world/, files with the following extensions are encrypted:

.der, .pfx, .key, .crt, .csr, .p12, .pem, .odt, .ott, .sxw, .stw, .uot, .3ds, .max, .3dm, .ods, .ots, .sxc, .stc, .dif, .slk, .wb2, .odp, .otp, .sxd, .std, .uop, .odg, .otg, .sxm, .mml, .lay, .lay6, .asc, .sqlite3, .sqlitedb, .sql, .accdb, .mdb, .dbf, .odb, .frm, .myd, .myi, .ibd, .mdf, .ldf, .sln, .suo, .cpp, .pas, .asm, .cmd, .bat, .ps1, .vbs, .dip, .dch, .sch, .brd, .jsp, .php, .asp, .java, .jar, .class, .mp3, .wav, .swf, .fla, .wmv, .mpg, .vob, .mpeg, .asf, .avi, .mov, .mp4, .3gp, .mkv, .3g2, .flv, .wma, .mid, .m3u, .m4u, .djvu, .svg, .psd, .nef, .tiff, .tif, .cgm, .raw, .gif, .png, .bmp, .jpg, .jpeg, .vcd, .iso, .backup, .zip, .rar, .tgz, .tar, .bak, .tbk, .bz2, .PAQ, .ARC, .aes, .gpg, .vmx, .vmdk, .vdi, .sldm, .sldx, .sti, .sxi, .602, .hwp, .snt, .onetoc2, .dwg, .pdf, .wk1, .wks, .123, .rtf, .csv, .txt, .vsdx, .vsd, .edb, .eml, .msg, .ost, .pst, .potm, .potx, .ppam, .ppsx, .ppsm, .pps, .pot, .pptm, .pptx, .ppt, .xltm, .xltx, .xlc, .xlm, .xlt, .xlw, .xlsb, .xlsm, .xlsx, .xls, .dotx, .dotm, .dot, .docm, .docb, .docx, .doc

The best approach when dealing with these sorts of events is to assume the worst and work back from there. Isolate the threat, patch and restore the data (assuming you have backups). Unless they find a flaw in the encryption, restoring is the only option; never pay a ransom. The same goes for at home too: make sure you have backups.
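As an added example (not part of the original post, and not code from Securelist or any vendor): one way to check, before an incident, that files with the extensions listed above actually have a restorable copy. The mirrored live/backup directory layout and the names `TARGETED` and `audit_backup` are assumptions, and the set holds only a sample of the quoted list.

```python
import hashlib
import tempfile
from pathlib import Path

# Short sample of the extension list quoted in the post (lower-cased);
# extend it with the rest of that list for a real audit.
TARGETED = {".docx", ".xlsx", ".pdf", ".pst", ".sql", ".mdb",
            ".vmdk", ".key", ".pem", ".bak", ".zip", ".jpg"}

def sha256_of(path):
    """Hash a file in chunks so large files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def audit_backup(live_root, backup_root, extensions=TARGETED):
    """Sort every targeted-extension file under live_root into
    covered / stale / missing by comparing it with backup_root."""
    live_root, backup_root = Path(live_root), Path(backup_root)
    report = {"covered": [], "stale": [], "missing": []}
    for live in sorted(live_root.rglob("*")):
        if not live.is_file() or live.suffix.lower() not in extensions:
            continue
        rel = live.relative_to(live_root)
        copy = backup_root / rel
        if not copy.is_file():
            state = "missing"   # nothing to restore from
        elif sha256_of(copy) != sha256_of(live):
            state = "stale"     # a restore would lose recent changes
        else:
            state = "covered"
        report[state].append(rel.as_posix())
    return report

if __name__ == "__main__":
    # Constructed sample tree, built in a temporary directory.
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = Path(tmp, "live"), Path(tmp, "backup")
        live.mkdir()
        backup.mkdir()
        (live / "rota.xlsx").write_bytes(b"week 20")
        (backup / "rota.xlsx").write_bytes(b"week 19")
        (live / "letter.docx").write_bytes(b"draft")
        for state, files in audit_backup(live, backup).items():
            print(f"{state}: {files}")
```

Run the audit against a read-only mount of the backup: a backup share that the endpoint can write to is exposed to the same compromise as the live files.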
 
I don't see why the NHS can't see patients since they never look at your notes anyways...

I always end up giving my GP IT advice. He talks like a robot.

Billions wasted on failed NHS computer system. No one really talks about that anymore.

Impressed you managed to get an appointment .....
 

Minonian

Banned
This morning, Europol denounces an international cyber attack "of an unprecedented level"

And one day later the whole R right in France, England and Hungary starting to sarcastically put the blame to Putin... I don't know, the attack itself was a Russian government action, but one thing is sure: this response is coordinated. Too fast, too extensive! And there is no sign of maturation, buildup, it just came out of the blue in the whole EU.

Edit: Now... In case of 2 extraordinary events you can assume connection, although until it's proven you can't say they are linked in the way I am suggesting right now.
And also? If you see a pattern repeated too many times you can be sure it's not a coincidence. And this is not the first time their response is this much in unison and fast. Also? We can close out naturally born systems for the simple reason to have this fast reaction time, without a well developed nerve center? The cohesion must be too big, too many people have to watch each other.

A few can do this, but this much, in this many countries all around the EU in this many languages, and respond in the same way? That's highly unlikely.
 
Interesting article about it.

A large part of the organization's systems are still using Windows XP, which is no longer supported by Microsoft, and Health Secretary Jeremy Hunt cancelled a pricey support package in 2015 as a cost-saving measure.

Yet another way that underfunding the NHS puts lives at risk.
 

Minonian

Banned
And when someone takes care of the next Russian propaganda wisecrack, like the ones Patric keeps saying in there? It just perishes at the same speed as it appeared. Conclusion? It's impossible to be a coincidence.
And make no mistake! With social networking, and butterfly effect? You can't reach real time reaction speed!

Fast to come, fast to go? It must be an operations center! These two close out any other possibilities.
 
Forgetting the ins and outs of cyber security and so on.

Why did the NHS trusts not have a backup plan for this type of eventuality?

They have plans for what to do if there's a major accident like a plane crash or terrorist attack

They have plans for the winter rush or for strikes

Why did they not have a plan for "computer system goes down" or if they did, why did it not seem to work very well?

We have fire drills, we have flashy expensive "major incident drills" with actors playing victims and people in hazmat suits.

Surely the easiest drill to run is the "computers are down" drill? Just a couple of times a year then if this does happen, everyone knows what to do, rather than run around like a headless chicken.
 

Minonian

Banned
Now, this is a good point. If they at least keep a backup copy refreshed daily?
 
Defences would have been specced and designed, plans would have been made, but the cost would have caused the management to "accept the risk" ... It happens all the time and is all well and good until ..... well ... this ....

Also Microsoft have taken the unusual step of releasing patches for OSes which are out of Support: XP, 2003 and Win 8: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
 
Interesting article about it.

A large part of the organization's systems are still using Windows XP, which is no longer supported by Microsoft, Health Secretary Jeremy Hunt cancelled a pricey support package in 2015 as a cost-saving measure.

Yet another way that underfunding the NHS puts lives at risk.

Yep, the (actually remarkably cheap) deal with Microsoft was cancelled, costing the NHS a huge amount in additional license fees for any organisation that tries to keep up to date.

The purchaser/provider model, supposed to bring market forces to create efficiency, does nothing of the kind; it just breaks up the NHS into smaller individual units. All these units have to connect over the same network so you're generally only as safe as the weakest organisation. It also increases administration.

I work in the NHS and in IT, although not specifically in an area that has to deal with the fallout of this. One thing I would 100% agree with is the huge waste in IT systems (NHS or other government ones as well); what I don't agree with is that it's anything to do with the NHS.

At a political level we're forced to outsource to international mega corporations. These get paid billions for a system that could just as easily be implemented for a few 100 millions. Not only that, the competition commission means we can't even go with 1 of these companies. These companies then outsource to cheap (although well educated) development teams, often in other "cheaper employment" countries. I don't have a major issue with this, but often terminology and working practices don't translate well. Regardless of what anyone thinks of the employment of cheap overseas labour, you have to then wonder where the billions of pounds went.

It's much like the practice of forcing the NHS to use PFI for new building etc. Over the past few years government borrowing has been at a record low and yet rather than borrow to invest in infrastructure the publicly owned NHS is forced to use exorbitant interest rates that come with PFI. Ultimately it's the UK public that pay for that interest whilst certain politicians claim the NHS is no longer affordable.
 